public function add_owner_institution_access($instnames = array())
{
if (!$this->id) {
return false;
}
$institutions = empty($instnames) ? array_keys(load_user_institutions($this->owner)) : $instnames;
if (!empty($institutions)) {
db_begin();
foreach ($institutions as $i) {
$exists = record_exists_select('view_access', 'view = ? AND institution = ? AND startdate IS NULL AND stopdate IS NULL', array($this->id, $i));
if (!$exists) {
$vaccess = new stdClass();
$vaccess->view = $this->id;
$vaccess->institution = $i;
$vaccess->startdate = null;
$vaccess->stopdate = null;
$vaccess->allowcomments = 0;
$vaccess->approvecomments = 1;
$vaccess->ctime = db_format_timestamp(time());
insert_record('view_access', $vaccess);
}
}
db_commit();
}
return true;
}
public function get_themedata()
{
$preftheme = $this->get_account_preference('theme');
if (!empty($preftheme)) {
// the format of preferred theme: <theme name>/<institution name>
// This format is created by the function general_account_prefs_form_elements()
$list = explode('/', $preftheme);
if (count($list) > 1) {
$iid = $list[1];
$institutions = load_user_institutions($this->id);
if (isset($institutions[$iid])) {
$institution = $institutions[$iid];
$stylesheets = array();
if ($institution->style) {
$stylesheets[] = get_config('wwwroot') . 'style.php?id=' . $institution->style;
}
return (object) array('basename' => $institution->theme, 'headerlogo' => $institution->logo, 'stylesheets' => $stylesheets, 'institutionname' => $iid);
}
} else {
if (!empty($list[0]) && get_config('sitethemeprefs')) {
return (object) array('basename' => $list[0]);
}
}
// Or the current preferred theme is not available
// The system will pick one
return $this->institutiontheme;
}
if ($this->institutiontheme) {
// No theme set so use 'sitedefault'
$this->institutiontheme->altname = 'sitedefault';
}
return $this->institutiontheme;
}
/**
* Fetch a config setting for the specified user's institutions (from either the "institution" or "institution_config" table)
*
* @param string $key
* @param int $userid (Optional) If not supplied, fetch for the current user's institutions
* @return array The results for the all the users' institutions, in the order
* supplied by load_user_institutions(). Array key is institution name.
*/
function get_configs_user_institutions($key, $userid = null)
{
global $USER, $CFG;
if ($userid === null) {
$userid = $USER->id;
}
// Check for the user and key in the cache (The cache is stored in $CFG so it can be cleared/updated
// if we ever write a set_config_institution() method)
$userobj = "user{$userid}";
if (isset($CFG->userinstconf->{$userobj}->{$key})) {
return $CFG->userinstconf->{$userobj}->{$key};
}
// We didn't hit the cache, so retrieve the config from their
// institution.
// First, get a list of their institution names
if (!$userid) {
// The logged-out user has no institutions.
$institutions = false;
} else {
if ($userid == $USER->id) {
// Institutions for current logged-in user
$institutions = $USER->get('institutions');
} else {
$institutions = load_user_institutions($userid);
}
}
// If the user belongs to no institution, check the Mahara institution
if (!$institutions) {
// For compatibility with $USER->get('institutions') and
// load_user_institutions(), we only really care about the
// array keys
$institutions = array('mahara' => 'mahara');
}
$results = array();
foreach ($institutions as $instname => $inst) {
$results[$instname] = get_config_institution($instname, $key);
}
// Cache the result
if (!isset($CFG->userinstconf)) {
$CFG->userinstconf = new stdClass();
}
if (!isset($CFG->userinstconf->{$userobj})) {
$CFG->userinstconf->{$userobj} = new stdClass();
}
$CFG->userinstconf->{$userobj}->{$key} = $results;
return $results;
}
/**
* Fetch a config setting for the specified user's institution.
* @param string $key
* @param int $userid (Optional) If not supplied, fetch for the current user's institution
*/
function get_config_user_institution($key, $userid = null)
{
global $USER;
if ($userid === null) {
$userid = $USER->id;
}
static $cache = array();
if (isset($cache[$userid][$key])) {
return $cache[$userid][$key];
}
if ($userid == null) {
$institutions = $USER->get('institutions');
} else {
$institutions = load_user_institutions($userid);
}
// If the user belongs to no institution, check the Mahara institution
if (!$institutions) {
$institutions = get_records_assoc('institution', 'name', 'mahara');
}
$results = array();
foreach ($institutions as $instname => $inst) {
$results[$instname] = get_config_institution($instname, $key);
}
$cache[$userid][$key] = $results;
return $results;
}
/**
* Authenticate user using username+password or token.
* This function sets up $USER global.
* It is safe to use has_capability() after this.
* This method also verifies user is allowed to use this
* server.
* @return void
*/
protected function authenticate_user()
{
global $USER, $SESSION, $WEBSERVICE_INSTITUTION, $WEBSERVICE_OAUTH_USER;
if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) {
$this->auth = 'USER';
//we check that authentication plugin is enabled
//it is only required by simple authentication
$plugin = get_record('auth_installed', 'name', 'webservice');
if (empty($plugin) || $plugin->active != 1) {
throw new WebserviceAccessException(get_string('wsauthnotenabled', 'auth.webservice'));
}
if (!$this->username) {
throw new WebserviceAccessException(get_string('missingusername', 'auth.webservice'));
}
if (!$this->password) {
throw new WebserviceAccessException(get_string('missingpassword', 'auth.webservice'));
}
// special web service login
safe_require('auth', 'webservice');
// get the user
$user = get_record('usr', 'username', $this->username);
if (empty($user)) {
throw new WebserviceAccessException(get_string('wrongusernamepassword', 'auth.webservice'));
}
// user account is nolonger validly configured
if (!($auth_instance = webservice_validate_user($user))) {
throw new WebserviceAccessException(get_string('invalidaccount', 'auth.webservice'));
}
// set the global for the web service users defined institution
$WEBSERVICE_INSTITUTION = $auth_instance->institution;
// get the institution from the external user
$ext_user = get_record('external_services_users', 'userid', $user->id);
if (empty($ext_user)) {
throw new WebserviceAccessException(get_string('wrongusernamepassword', 'auth.webservice'));
}
// determine the internal auth instance
$auth_instance = get_record('auth_instance', 'institution', $ext_user->institution, 'authname', 'webservice');
if (empty($auth_instance)) {
throw new WebserviceAccessException(get_string('wrongusernamepassword', 'auth.webservice'));
}
// authenticate the user
$auth = new AuthWebservice($auth_instance->id);
if (!$auth->authenticate_user_account($user, $this->password, 'webservice')) {
// log failed login attempts
throw new WebserviceAccessException(get_string('wrongusernamepassword', 'auth.webservice'));
}
} else {
if ($this->authmethod == WEBSERVICE_AUTHMETHOD_PERMANENT_TOKEN) {
$this->auth = 'TOKEN';
$user = $this->authenticate_by_token(EXTERNAL_TOKEN_PERMANENT);
} else {
if ($this->authmethod == WEBSERVICE_AUTHMETHOD_OAUTH_TOKEN) {
//OAuth
$this->auth = 'OAUTH';
// special web service login
safe_require('auth', 'webservice');
// get the user - the user that authorised the token
$user = get_record('usr', 'id', $this->oauth_token_details['user_id']);
if (empty($user)) {
throw new WebserviceAccessException(get_string('wrongusernamepassword', 'auth.webservice'));
}
// check user is member of configured OAuth institution
$institutions = array_keys(load_user_institutions($this->oauth_token_details['user_id']));
$auth_instance = get_record('auth_instance', 'id', $user->authinstance);
$institutions[] = $auth_instance->institution;
if (!in_array($this->oauth_token_details['institution'], $institutions)) {
throw new WebserviceAccessException(get_string('institutiondenied', 'auth.webservice'));
}
// set the global for the web service users defined institution
$WEBSERVICE_INSTITUTION = $this->oauth_token_details['institution'];
// set the note of the OAuth service owner
$WEBSERVICE_OAUTH_USER = $this->oauth_token_details['service_user'];
} else {
$this->auth = 'OTHER';
$user = $this->authenticate_by_token(EXTERNAL_TOKEN_USER);
}
}
}
// now fake user login, the session is completely empty too
$USER->reanimate($user->id, $user->authinstance);
}
protected function reset_institutions()
{
$institutions = load_user_institutions($this->id);
$admininstitutions = array();
$staffinstitutions = array();
$this->theme = get_config('theme');
foreach ($institutions as $i) {
if ($i->admin) {
$admininstitutions[$i->institution] = $i->institution;
}
if ($i->staff) {
$staffinstitutions[$i->institution] = $i->institution;
}
if (!empty($i->theme) && $i->theme != get_config('theme')) {
$this->theme = $i->theme;
}
}
$this->institutions = $institutions;
$this->admininstitutions = $admininstitutions;
$this->staffinstitutions = $staffinstitutions;
}
public function reset_institutions()
{
$institutions = load_user_institutions($this->id);
$admininstitutions = array();
$staffinstitutions = array();
$this->theme = get_config('theme');
foreach ($institutions as $i) {
if ($i->admin) {
$admininstitutions[$i->institution] = $i->institution;
}
if ($i->staff) {
$staffinstitutions[$i->institution] = $i->institution;
}
if (!empty($i->theme) && $i->theme != get_config('theme')) {
$this->theme = $i->theme;
}
}
if ($this->authinstance) {
$authobj = AuthFactory::create($this->authinstance);
if (isset($institutions[$authobj->institution])) {
if ($t = $institutions[$authobj->institution]->theme) {
$this->theme = $t;
}
}
}
$this->institutions = $institutions;
$this->admininstitutions = $admininstitutions;
$this->staffinstitutions = $staffinstitutions;
}
